update

dmz/internalproxy/templates/duplicati.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: duplicati
-spec:
-  ports:
-  - name: app
-    port: 8200
-    protocol: TCP
-    targetPort: 8200
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: duplicati
-subsets:
-- addresses:
-  - ip: 192.168.21.200
-  ports:
-  - name: app
-    port: 8200
-    protocol: TCP
-
----    
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -43,7 +14,7 @@ spec:
       namespace: traefik  
     kind: Rule
     services:
-    - name: duplicati
+    - name: unraid
       port: 8200
   tls:
     secretName: duplicati-tls

dmz/internalproxy/templates/endpoints.yaml

@@ -60,6 +60,58 @@ spec:
       port: 8267
       protocol: TCP
       targetPort: 8267
+    - name: duplicati
+      port: 8200
+      protocol: TCP
+      targetPort: 8200
+    - name: forgejo
+      port: 3000
+      protocol: TCP
+      targetPort: 3000
+    - name: freshrss
+      port: 8085
+      protocol: TCP
+      targetPort: 8085
+    - name: gitlab-ssh
+      port: 9022
+      protocol: TCP
+      targetPort: 9022
+    - name: gitlab
+      port: 9443
+      protocol: TCP
+      targetPort: 9443
+    - name: minio
+      port: 9769
+      protocol: TCP
+      targetPort: 9769
+    - name: nextcloud
+      port: 11000
+      protocol: TCP
+      targetPort: 11000
+    - name: nexus
+      port: 8081
+      protocol: TCP
+      targetPort: 8081
+    - name: openweb-ui
+      port: 8089
+      protocol: TCP
+      targetPort: 8089
+    - name: plex
+      port: 32400
+      protocol: TCP
+      targetPort: 32400
+    - name: registry
+      port: 5000
+      protocol: TCP
+      targetPort: 5000
+    - name: root-vault
+      port: 8201
+      protocol: TCP
+      targetPort: 8201
+    - name: s3
+      port: 9768
+      protocol: TCP
+      targetPort: 9768
 
 ---
 
@@ -77,3 +129,83 @@ subsets:
       - name: tdarr
         port: 8267
         protocol: TCP
+      - name: duplicati
+        port: 8200
+        protocol: TCP
+      - name: forgejo
+        port: 3000
+        protocol: TCP
+      - name: freshrss
+        port: 8085
+        protocol: TCP
+      - name: gitlab-ssh
+        port: 9022
+        protocol: TCP
+      - name: gitlab
+        port: 9443
+        protocol: TCP
+      - name: minio
+        port: 9769
+        protocol: TCP
+      - name: nextcloud
+        port: 11000
+        protocol: TCP
+      - name: nexus
+        port: 8081
+        protocol: TCP
+      - name: openweb-ui
+        port: 8089
+        protocol: TCP
+      - name: plex
+        port: 32400
+        protocol: TCP
+      - name: registry
+        port: 5000
+        protocol: TCP
+      - name: root-vault
+        port: 8201
+        protocol: TCP
+      - name: s3
+        port: 9768
+        protocol: TCP
+
+---
+
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: ubuntu
+subsets:
+  - addresses:
+      - ip: 192.168.20.104
+    ports:
+      - name: https
+        port: 443
+        protocol: TCP
+      - name: litellm
+        port: 4000
+        protocol: TCP
+      - name: ollama
+        port: 11435
+        protocol: TCP
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: ubuntu
+spec:
+  ports:
+    - name: https
+      port: 443
+      protocol: TCP
+      targetPort: 443
+    - name: litellm
+      port: 4000
+      protocol: TCP
+      targetPort: 4000
+    - name: ollama
+      port: 11435
+      protocol: TCP
+      targetPort: 11435

dmz/internalproxy/templates/forgejo.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: forgejo
-spec:
-  ports:
-    - name: app
-      port: 3000
-      protocol: TCP
-      targetPort: 3000
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: forgejo
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 3000
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,7 +9,7 @@ spec:
     - match: Host(`forgejo.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: forgejo
+        - name: unraid
           port: 3000
           scheme: http
   tls:

dmz/internalproxy/templates/freshrss.yaml

@@ -1,33 +1,3 @@
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: freshrss
-spec:
-  ports:
-    - name: app
-      port: 8085
-      protocol: TCP
-      targetPort: 8085
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: freshrss
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 8085
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -39,7 +9,7 @@ spec:
     - match: Host(`freshrss.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: freshrss
+        - name: unraid
           port: 8085
   tls:
     secretName: freshrss-tls

dmz/internalproxy/templates/gitlab.yaml

@@ -1,30 +1,30 @@
-apiVersion: v1
+#apiVersion: v1
-kind: Service
+#kind: Service
-metadata:
+#metadata:
-  name: gitlab-ssh
+#  name: gitlab-ssh
-spec:
+#spec:
-  ports:
+#  ports:
-    - name: app
+#    - name: app
-      port: 9022
+#      port: 9022
-      protocol: TCP
+#      protocol: TCP
-      targetPort: 9022
+#      targetPort: 9022
-  clusterIP: None
+#  clusterIP: None
-  type: ClusterIP
+#  type: ClusterIP
-
+#
----
+#---
-apiVersion: v1
+#apiVersion: v1
-kind: Endpoints
+#kind: Endpoints
-metadata:
+#metadata:
-  name: gitlab-ssh
+#  name: gitlab-ssh
-subsets:
+#subsets:
-  - addresses:
+#  - addresses:
-      - ip: 192.168.21.200
+#      - ip: 192.168.21.200
-    ports:
+#    ports:
-      - name: app
+#      - name: app
-        port: 9022
+#        port: 9022
-        protocol: TCP
+#        protocol: TCP
-
+#
----
+#---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRouteTCP
 metadata:
@@ -35,36 +35,9 @@ spec:
   routes:
     - match: HostSNI(`*`)
       services:
-        - name: gitlab-ssh
+        - name: unraid
           port: 9022
 
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: gitlab
-spec:
-  ports:
-    - name: app
-      port: 9443
-      protocol: TCP
-      targetPort: 9443
-  clusterIP: None
-  type: ClusterIP
-
----
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: gitlab
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 9443
-        protocol: TCP
-
 ---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
@@ -77,7 +50,7 @@ spec:
     - match: Host(`gitlab.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: gitlab
+        - name: unraid
           port: 9443
           scheme: https
   tls:

dmz/internalproxy/templates/invidious.yaml

@@ -1,74 +1,75 @@
-apiVersion: v1
+#apiVersion: v1
-kind: Service
+#kind: Service
-metadata:
+#metadata:
-  name: invidious
+#  name: invidious
-spec:
+#spec:
-  ports:
+#  ports:
-  - name: app
+#  - name: app
-    port: 3000
+#    port: 3000
-    protocol: TCP
+#    protocol: TCP
-    targetPort: 3000
+#    targetPort: 3000
-  clusterIP: None
+#  clusterIP: None
-  type: ClusterIP
+#  type: ClusterIP
-
+#
----
+#---
-
+#
-apiVersion: v1
+#apiVersion: v1
-kind: Endpoints
+#kind: Endpoints
-metadata:
+#metadata:
-  name: invidious
+#  name: invidious
-subsets:
+#subsets:
-- addresses:
+#- addresses:
-  - ip: 192.168.20.104
+#  - ip: 192.168.20.104
-  ports:
+#  ports:
-  - name: app
+#  - name: app
-    port: 3000
+#    port: 3000
-    protocol: TCP
+#    protocol: TCP
-
+#
----    
+#---
-
+#
-apiVersion: traefik.io/v1alpha1
+#apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
+#kind: IngressRoute
-metadata:
+#metadata:
-  name: invidious-ingress
+#  name: invidious-ingress
-spec:
+#spec:
-  entryPoints:
+#  entryPoints:
-    - websecure
+#    - websecure
-  routes:
+#  routes:
-  - match: Host(`invidious.durp.info`) && PathPrefix(`/`)
+#  - match: Host(`invidious.durp.info`) && PathPrefix(`/`)
-    middlewares:
+#    middlewares:
-    - name: authentik-proxy-provider
+#    - name: authentik-proxy-provider
-      namespace: traefik  
+#      namespace: traefik
-    kind: Rule
+#    kind: Rule
-    services:
+#    services:
-    - name: invidious
+#    - name: invidious
-      port: 3000
+#      port: 3000
-  tls:
+#  tls:
-    secretName: invidious-tls
+#    secretName: invidious-tls
-
+#
----
+#---
-
+#
-apiVersion: cert-manager.io/v1
+#apiVersion: cert-manager.io/v1
-kind: Certificate
+#kind: Certificate
-metadata:
+#metadata:
-  name: invidious-tls
+#  name: invidious-tls
-spec:
+#spec:
-  secretName: invidious-tls
+#  secretName: invidious-tls
-  issuerRef:
+#  issuerRef:
-    name: letsencrypt-production
+#    name: letsencrypt-production
-    kind: ClusterIssuer
+#    kind: ClusterIssuer
-  commonName: "invidious.durp.info"
+#  commonName: "invidious.durp.info"
-  dnsNames:
+#  dnsNames:
-  - "invidious.durp.info"  
+#  - "invidious.durp.info"
-
+#
----
+#---
-
+#
-kind: Service
+#kind: Service
-apiVersion: v1
+#apiVersion: v1
-metadata:
+#metadata:
-  name: invidious-external-dns
+#  name: invidious-external-dns
-  annotations:
+#  annotations:
-    external-dns.alpha.kubernetes.io/hostname: invidious.durp.info
+#    external-dns.alpha.kubernetes.io/hostname: invidious.durp.info
-spec:
+#spec:
-  type: ExternalName
+#  type: ExternalName
-  externalName: durp.info
+#  externalName: durp.info
+#

dmz/internalproxy/templates/kasm.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: kasm
-spec:
-  ports:
-    - name: app
-      port: 443
-      protocol: TCP
-      targetPort: 443
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: kasm
-subsets:
-  - addresses:
-      - ip: 192.168.20.104
-    ports:
-      - name: app
-        port: 443
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,7 +9,7 @@ spec:
     - match: Host(`kasm.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: kasm
+        - name: ubuntu
           port: 443
           scheme: https
   tls:

dmz/internalproxy/templates/kuma.yaml

@@ -1,45 +1,46 @@
-apiVersion: traefik.io/v1alpha1
+#apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
+#kind: IngressRoute
-metadata:
+#metadata:
-  name: kuma-ingress
+#  name: kuma-ingress
-spec:
+#spec:
-  entryPoints:
+#  entryPoints:
-    - websecure
+#    - websecure
-  routes:
+#  routes:
-  - match: Host(`kuma.durp.info`) && PathPrefix(`/`) 
+#  - match: Host(`kuma.durp.info`) && PathPrefix(`/`)
-    kind: Rule
+#    kind: Rule
-    middlewares:
+#    middlewares:
-    - name: authentik-proxy-provider
+#    - name: authentik-proxy-provider
-      namespace: traefik  
+#      namespace: traefik
-    services:
+#    services:
-    - name: master-cluster
+#    - name: master-cluster
-      port: 443
+#      port: 443
-  tls:
+#  tls:
-    secretName: kuma-tls
+#    secretName: kuma-tls
-
+#
----
+#---
-
+#
-apiVersion: cert-manager.io/v1
+#apiVersion: cert-manager.io/v1
-kind: Certificate
+#kind: Certificate
-metadata:
+#metadata:
-  name: kuma-tls
+#  name: kuma-tls
-spec:
+#spec:
-  issuerRef:
+#  issuerRef:
-    name: letsencrypt-production
+#    name: letsencrypt-production
-    kind: ClusterIssuer
+#    kind: ClusterIssuer
-  secretName: kuma-tls
+#  secretName: kuma-tls
-  commonName: "kuma.durp.info"
+#  commonName: "kuma.durp.info"
-  dnsNames:
+#  dnsNames:
-  - "kuma.durp.info"
+#  - "kuma.durp.info"
-
+#
----
+#---
-
+#
-kind: Service
+#kind: Service
-apiVersion: v1
+#apiVersion: v1
-metadata:
+#metadata:
-  name: kuma-external-dns
+#  name: kuma-external-dns
-  annotations:
+#  annotations:
-    external-dns.alpha.kubernetes.io/hostname: kuma.durp.info
+#    external-dns.alpha.kubernetes.io/hostname: kuma.durp.info
-spec:
+#spec:
-  type: ExternalName
+#  type: ExternalName
-  externalName: durp.info
+#  externalName: durp.info
+#

dmz/internalproxy/templates/litellm.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: litellm
-spec:
-  ports:
-    - name: app
-      port: 4000
-      protocol: TCP
-      targetPort: 4000
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: litellm
-subsets:
-  - addresses:
-      - ip: 192.168.20.104
-    ports:
-      - name: app
-        port: 4000
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,7 +9,7 @@ spec:
     - match: Host(`litellm.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: litellm
+        - name: ubuntu
           port: 4000
   tls:
     secretName: litellm-tls

dmz/internalproxy/templates/minio.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: minio
-spec:
-  ports:
-    - name: app
-      port: 9769
-      protocol: TCP
-      targetPort: 9769
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: minio
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 9769
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -41,7 +12,7 @@ spec:
           namespace: traefik
       kind: Rule
       services:
-        - name: minio
+        - name: unraid
           port: 9769
           scheme: http
   tls:

dmz/internalproxy/templates/nextcloud.yaml

@@ -1,30 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: nextcloud
-spec:
-  ports:
-    - name: app
-      port: 11000
-      protocol: TCP
-      targetPort: 11000
-  clusterIP: None
-  type: ClusterIP
-
----
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: nextcloud
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 11000
-        protocol: TCP
-
----
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,7 +11,7 @@ spec:
       middlewares:
         - name: nextcloud-chain
       services:
-        - name: nextcloud
+        - name: unraid
           port: 11000
           scheme: http
   tls:

dmz/internalproxy/templates/nexus.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: nexus
-spec:
-  ports:
-  - name: app
-    port: 8081
-    protocol: TCP
-    targetPort: 8081
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: nexus
-subsets:
-- addresses:
-  - ip: 192.168.21.200
-  ports:
-  - name: app
-    port: 8081
-    protocol: TCP
-
----    
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,7 +9,7 @@ spec:
   - match: Host(`nexus.durp.info`) && PathPrefix(`/`)
     kind: Rule
     services:
-    - name: nexus
+    - name: unraid
       port: 8081
   tls:
     secretName: nexus-tls

dmz/internalproxy/templates/ollama.yaml

@@ -15,7 +15,6 @@ spec:
         property: users
 
 ---
-
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
@@ -26,36 +25,6 @@ spec:
     secret: ollama-secret
 
 ---
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: ollama
-spec:
-  ports:
-    - name: app
-      port: 11435
-      protocol: TCP
-      targetPort: 11435
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: ollama
-subsets:
-  - addresses:
-      - ip: 192.168.20.104
-    ports:
-      - name: app
-        port: 11435
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -69,13 +38,12 @@ spec:
         - name: ollama-basic-auth
       kind: Rule
       services:
-        - name: ollama
+        - name: unraid
           port: 11435
   tls:
     secretName: ollama-tls
 
 ---
-
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -90,7 +58,6 @@ spec:
     - "ollama.durp.info"
 
 ---
-
 kind: Service
 apiVersion: v1
 metadata:

dmz/internalproxy/templates/open-webui.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: open-webui
-spec:
-  ports:
-    - name: app
-      port: 8089
-      protocol: TCP
-      targetPort: 8089
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: open-webui
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 8089
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,14 +9,13 @@ spec:
     - match: Host(`open-webui.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: open-webui
+        - name: unraid
           port: 8089
           scheme: http
   tls:
     secretName: open-webui-tls
 
 ---
-
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -60,7 +30,6 @@ spec:
     - "open-webui.durp.info"
 
 ---
-
 kind: Service
 apiVersion: v1
 metadata:

dmz/internalproxy/templates/plex.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: plex
-spec:
-  ports:
-    - name: app
-      port: 32400
-      protocol: TCP
-      targetPort: 32400
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: plex
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 32400
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -38,14 +9,13 @@ spec:
     - match: Host(`plex.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: plex
+        - name: unraid
           port: 32400
           scheme: https
   tls:
     secretName: plex-tls
 
 ---
-
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -60,7 +30,6 @@ spec:
     - "plex.durp.info"
 
 ---
-
 kind: Service
 apiVersion: v1
 metadata:

dmz/internalproxy/templates/portainer.yaml

@@ -7,9 +7,9 @@ spec:
     - websecure
   routes:
   - match: Host(`portainer.internal.durp.info`) && PathPrefix(`/`)
-      #middlewares:
+    middlewares:
-      #- name: whitelist
+      - name: whitelist
-      #  namespace: traefik
+        namespace: traefik
     kind: Rule
     services:
       - name: infra-cluster

dmz/internalproxy/templates/registry.yaml

@@ -1,30 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: registry
-spec:
-  ports:
-    - name: app
-      port: 5000
-      protocol: TCP
-      targetPort: 5000
-  clusterIP: None
-  type: ClusterIP
-
----
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: registry
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 5000
-        protocol: TCP
-
----
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -39,7 +12,7 @@ spec:
         - name: whitelist
           namespace: traefik
       services:
-        - name: registry
+        - name: unraid
           port: 5000
   tls:
     secretName: registry-tls

dmz/internalproxy/templates/root-vault.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: root-vault
-spec:
-  ports:
-    - name: app
-      port: 8201
-      protocol: TCP
-      targetPort: 8201
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: root-vault
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 8201
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -41,14 +12,13 @@ spec:
           namespace: traefik
       kind: Rule
       services:
-        - name: root-vault
+        - name: unraid
           port: 8201
           scheme: https
   tls:
     secretName: root-vault-tls
 
 ---
-
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:

dmz/internalproxy/templates/s3.yaml

@@ -1,32 +1,3 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: s3
-spec:
-  ports:
-    - name: app
-      port: 9768
-      protocol: TCP
-      targetPort: 9768
-  clusterIP: None
-  type: ClusterIP
-
----
-
-apiVersion: v1
-kind: Endpoints
-metadata:
-  name: s3
-subsets:
-  - addresses:
-      - ip: 192.168.21.200
-    ports:
-      - name: app
-        port: 9768
-        protocol: TCP
-
----
-
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
@@ -41,7 +12,7 @@ spec:
           namespace: traefik
       kind: Rule
       services:
-        - name: s3
+        - name: unraid
           port: 9768
           scheme: http
   tls:
@@ -75,7 +46,7 @@ spec:
     - match: Host(`s3.durp.info`) && PathPrefix(`/`)
       kind: Rule
       services:
-        - name: s3
+        - name: unraid
           port: 9768
           scheme: http
   tls:

dmz/internalproxy/templates/semaphore.yaml

@@ -1,64 +1,65 @@
-
+#
-apiVersion: v1
+#apiVersion: v1
-kind: Service
+#kind: Service
-metadata:
+#metadata:
-  name: semaphore
+#  name: semaphore
-spec:
+#spec:
-  ports:
+#  ports:
-    - name: app
+#    - name: app
-      port: 3001
+#      port: 3001
-      protocol: TCP
+#      protocol: TCP
-      targetPort: 3001
+#      targetPort: 3001
-  clusterIP: None
+#  clusterIP: None
-  type: ClusterIP
+#  type: ClusterIP
-
+#
----
+#---
-
+#
-apiVersion: v1
+#apiVersion: v1
-kind: Endpoints
+#kind: Endpoints
-metadata:
+#metadata:
-  name: semaphore
+#  name: semaphore
-subsets:
+#subsets:
-  - addresses:
+#  - addresses:
-      - ip: 192.168.21.200
+#      - ip: 192.168.21.200
-    ports:
+#    ports:
-      - name: app
+#      - name: app
-        port: 3001
+#        port: 3001
-        protocol: TCP
+#        protocol: TCP
-
+#
----
+#---
-
+#
-apiVersion: traefik.io/v1alpha1
+#apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
+#kind: IngressRoute
-metadata:
+#metadata:
-  name: semaphore-ingress
+#  name: semaphore-ingress
-spec:
+#spec:
-  entryPoints:
+#  entryPoints:
-    - websecure
+#    - websecure
-  routes:
+#  routes:
-    - match: Host(`semaphore.internal.durp.info`) && PathPrefix(`/`)
+#    - match: Host(`semaphore.internal.durp.info`) && PathPrefix(`/`)
-      middlewares:
+#      middlewares:
-        - name: whitelist
+#        - name: whitelist
-          namespace: traefik
+#          namespace: traefik
-      kind: Rule
+#      kind: Rule
-      services:
+#      services:
-        - name: semaphore
+#        - name: semaphore
-          port: 3001
+#          port: 3001
-          scheme: http
+#          scheme: http
-  tls:
+#  tls:
-    secretName: semaphore-tls
+#    secretName: semaphore-tls
-
+#
----
+#---
-
+#
-apiVersion: cert-manager.io/v1
+#apiVersion: cert-manager.io/v1
-kind: Certificate
+#kind: Certificate
-metadata:
+#metadata:
-  name: semaphore-tls
+#  name: semaphore-tls
-spec:
+#spec:
-  secretName: semaphore-tls
+#  secretName: semaphore-tls
-  issuerRef:
+#  issuerRef:
-    name: vault-issuer
+#    name: vault-issuer
-    kind: ClusterIssuer
+#    kind: ClusterIssuer
-  commonName: "semaphore.internal.durp.info"
+#  commonName: "semaphore.internal.durp.info"
-  dnsNames:
+#  dnsNames:
-    - "semaphore.internal.durp.info"
+#    - "semaphore.internal.durp.info"
+#